Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Desparately Need Help with Vundo Infection. Unable to Run Malware Detector


  • Please log in to reply
1 reply to this topic

#1 siennaskye

siennaskye

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:17 AM

Posted 16 September 2009 - 05:43 PM

Hopefully you all can help me! Please know that I am a novice so be patient with me!
I am running Windows XP Service Pack 2.


I have the following error on my computer: c:\windows\system32\belpzije.dll is not a valid image, etc.


All malware detectors have been blocked and VundoFix states no infection. I have attempted using MalwareBytes, SuperAntiSpyWare, Spyware S & D, Avast.

As soon as I start a scan with any Anti-Virus or Anti-Malware, it is automatically shuts down.



I have AVG Security Suite w/ Firewall (Free Edition) and Avast (Free) also downloaded.



I have downloaded Win32KDiag and here is the log:


Running from: C:\Documents and Settings\Bonita\Desktop\Win32kDiag.exe

Log file at : C:\Documents and Settings\Bonita\Desktop\Win32kDiag.txt

WARNING: Could not get backup privileges!

Searching 'C:\WINDOWS'...



Found mount point : C:\WINDOWS\$hf_mig$\KB913446\KB913446

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB917953\KB917953

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB920213\KB920213

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB932168\KB932168

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB933729\KB933729

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB941644\KB941644

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB943460\KB943460

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB956844\KB956844

Mount point destination : \Device\__max++>\^

Found mount point : C:\WINDOWS\$hf_mig$\KB971961-IE8\KB971961-IE8

Mount point destination : \Device\__max++>\^

Cannot access: C:\WINDOWS\$NtUninstallKB828741$\catsrv.dll

[1] 2005-07-25 23:20:23 225792 C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\catsrv.dll (Microsoft Corporation)

[1] 2005-07-25 23:39:42 225792 C:\WINDOWS\$NtServicePackUninstall$\catsrv.dll (Microsoft Corporation)

[1] 2003-07-16 15:25:06 215040 C:\WINDOWS\$NtUninstallKB828741$\catsrv.dll ()

[1] 2004-08-04 02:56:41 229888 C:\WINDOWS\$NtUninstallKB902400$\catsrv.dll (Microsoft Corporation)

[1] 2008-04-13 19:11:50 226304 C:\WINDOWS\ServicePackFiles\i386\catsrv.dll (Microsoft Corporation)

[1] 2008-04-13 19:11:50 226304 C:\WINDOWS\system32\catsrv.dll (Microsoft Corporation)



Cannot access: C:\WINDOWS\$NtUninstallKB828741$\catsrvut.dll

[1] 2005-07-25 23:20:23 625152 C:\WINDOWS\$hf_mig$\KB902400\SP2QFE\catsrvut.dll (Microsoft Corporation)

[1] 2005-07-25 23:39:43 625152 C:\WINDOWS\$NtServicePackUninstall$\catsrvut.dll (Microsoft Corporation)

[1] 2003-07-16 15:25:07 582656 C:\WINDOWS\$NtUninstallKB828741$\catsrvut.dll ()

[1] 2004-08-04 02:56:41 628224 C:\WINDOWS\$NtUninstallKB902400$\catsrvut.dll (Microsoft Corporation)

[1] 2008-04-13 19:11:50 625664 C:\WINDOWS\ServicePackFiles\i386\catsrvut.dll (Microsoft Corporation)


Thanks for you assistance!

BC AdBot (Login to Remove)

 


#2 siennaskye

siennaskye
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:06:17 AM

Posted 17 September 2009 - 07:31 PM

I also downloaded RootRepeal. It was disabled as well. Unable to run. Any suggestions or will I have to reformat?

Anyone out there????????




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users